Optical DNA based on non-deterministic errors

ABSTRACT

The claimed subject matter relates to architectures and/or mechanisms that can facilitate issuing, embedding and verification of an optical DNA (o-DNA) signature. A first mechanism is provided for obtaining a set of manufacturing errors inherent in an optical media instance. These errors can be non-deterministic and can be encoded into the o-DNA that can be cryptographically signed with a private key, and then embedded into the source optical media instance. A second mechanism is provided that can decrypt the o-DNA with a public key and compare the authenticated errors to the observed errors to ascertain whether the optical media instance is authentic as opposed to a forgery or counterfeit.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation-in-part of and claims the benefit of U.S. application Ser. No. 11/689,741, filed Mar. 22, 2007, entitled “OPTICAL DNA.” The entirety of this application is incorporated herein by reference.

BACKGROUND OF THE INVENTION

Optical media such as a Compact Disc (CD) or Digital Versatile Disc (DVD) as well as the associated hardware to read the optical media are very commonplace. Given that a typical single sided DVD can achieve a mere 10⁻¹³ dollars per bit stored, optical media represents, by far, the most cost-effective means for storing information today. Accordingly, optical media is perhaps the most widespread means of proliferating protected content. Optical media is also a primary target of fraudulent third parties such as pirates, forgers, or counterfeiters because no adequate means of detecting counterfeited optical media exists today.

Fraudulent activity can be distinguished, for example, for “piracy” vis-à-vis “counterfeiting”. Piracy relates to the situation in which a purchaser is confident that the purchased object is not genuine due to an uncharacteristically low price. However, the purchaser willingly executes the transaction. Such transactions do not typically translate into substantial revenues to the pirate, since the low transaction price is normally well below the market price for an authentic object. On the other hand, counterfeiting relates to a situation in which the seller defrauds the buyer into believing that the merchandise is authentic and collects the full market price for the product. In this case, the counterfeiter collects substantial revenue with profit margins typically higher than that of the original manufacturer due to lack of research and development, marketing costs, and so on.

According to Interpol, World Customs Organization and International Chamber of Commerce estimates that roughly 7-8% of world trade every year is in counterfeit goods. In particular, Glaxo-Smith-Kline in a study with the U.S. Food and Drug Administration estimated that counterfeit drugs account for 10% of the global pharmaceuticals market, while the Business Software Alliance (BSA) estimates that a staggering 36% of software sales worldwide are counterfeit. In addition, according to BSA, the Motion Picture Associate of America, the Recording Industry Association of America, and the International Federation of the Phonographic Industries, losses in the software, music, and movies industries due to counterfeiting far surpass the one billion dollar mark.

SUMMARY OF THE INVENTION

The following presents a simplified summary of the claimed subject matter in order to provide a basic understanding of some aspects of the claimed subject matter. This summary is not an extensive overview of the claimed subject matter. It is intended to neither identify key or critical elements of the claimed subject matter nor delineate the scope of the claimed subject matter. Its sole purpose is to present some concepts of the claimed subject matter in a simplified form as a prelude to the more detailed description that is presented later.

The subject matter disclosed and claimed herein, in one aspect thereof, comprises an architecture that can issue an “optical DNA” (o-DNA) signature to facilitate authentication of optical media. In accordance therewith and to other related ends, the architecture can provide a mechanism for examining an optical media instance in order to ascertain the positions of certain manufacturing errors inherent in all optical media. These error positions can be encoded into a fingerprint and cryptographically signed with a private key of an issuer to produce the o-DNA signature.

In accordance therewith, the o-DNA signature can be embedded into the corresponding optical media instance. Thus, the optical media instance can include the manufacturing errors from which the error fingerprint was derived as well as the signed version of the fingerprint. Accordingly, the optical media instance can be distinguished from other optical media instances (e.g., counterfeit optical media instances) based upon the physical structure or topology of the optical media instance. In particular, a digitally signed error fingerprint (e.g., the o-DNA) that relates to a set of errors that is likely to be employed to ascertain whether the current optical media instance is authentic. Put another way, when making a copy of an optical media instance, it might be possible to copy all data, including the o-DNA signature, however, the replicated o-DNA signature will still include the error fingerprint of the authentic optical media instance rather than for the errors that reside on the copy.

In addition, another architecture can be provided to verify the o-DNA signature in order to facilitate authentication of the optical media instance. For example, the architecture can provide a mechanism for reading the o-DNA signature from an optical media instance. The o-DNA can be decrypted and/or verified as originating from a valid entity (e.g., based upon signing with the issuer's private key). Moreover, the architecture can also receive error data actually observed from the optical media instance and compare the error data with the signed error fingerprint included in the o-DNA. Thus, if the error data read from the current optical media instance does not match the error fingerprint of the existing o-DNA signature, then an implication of fraud can arise.

The following description and the annexed drawings set forth in detail certain illustrative aspects of the claimed subject matter. These aspects are indicative, however, of but a few of the various ways in which the principles of the claimed subject matter may be employed and the claimed subject matter is intended to include all such aspects and their equivalents. Other advantages and distinguishing features of the claimed subject matter will become apparent from the following detailed description of the claimed subject matter when considered in conjunction with the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a block diagram of a system that can issue an optical DNA (o-DNA) signature to facilitate authentication of optical media.

FIG. 2 is an exemplary optical media instance that includes a set of manufacturing errors.

FIG. 3 is a block diagram an exemplary that can issue an o-DNA signature and embed the o-DNA signature in an optical media instance to facilitate authentication of optical media.

FIG. 4A illustrates a graphical representation of an example encoding of 100010010 utilizing a Non-Return to Zero, Inverted (NRZI) encoder.

FIG. 4B depicts an exemplary graphical representation 402 of the distribution of pulse-widths.

FIG. 5A is an exemplary graphic representation of a distribution of ∥t_(i)−k_(i)|−0.5| over the 24^(th) millimeter of a high-quality DVD.

FIG. 5B depicts an exemplary graphical representation of the probability of an illegal symbol after an occurrence of a single-position error on a legal 16-bit symbol from A.

FIG. 6 is an exemplary graphical representation that includes an upper portion depicting a pie chart of percentages associated with each error type and a lower portion illustrating a number of shifts necessary for a re-synch.

FIG. 7 depicts an exemplary graphical representation of a distribution of distances between two consecutive errors on a disc.

FIG. 8 illustrates an exemplary optical media instance with an o-DNA signature.

FIG. 9 is a block diagram of an exemplary system that can verify an o-DNA signature to facilitate authentication of optical media.

FIG. 10 depicts an exemplary table that illustrates error scanning results obtained from reading errors from four different optical media instances with three different types of contents.

FIG. 11 illustrates a block diagram of an exemplary system that can facilitate and provide notifications.

FIGS. 12A and 12B illustrate a block diagram of exemplary systems that include an intelligence component.

DETAILED DESCRIPTION

The claimed subject matter is now described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the claimed subject matter. It may be evident, however, that the claimed subject matter may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing the claimed subject matter.

As used in this application, the terms “component,” “module,” “system,” “interface,” or the like are generally intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a controller and the controller can be a component. One or more components may reside within a process and/or thread of execution and a component may be localized on one computer and/or distributed between two or more computers.

Furthermore, the claimed subject matter may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques to produce software, firmware, hardware, or any combination thereof to control a computer to implement the disclosed subject matter. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer readable media can include but are not limited to magnetic storage devices (e.g., hard disk, floppy disk, magnetic strips . . . ), optical disks (e.g., compact disk (CD), digital versatile disk (DVD) . . . ), smart cards, and flash memory devices (e.g., card, stick, key drive . . . ). Additionally it should be appreciated that a carrier wave can be employed to carry computer-readable electronic data such as those used in transmitting and receiving electronic mail or in accessing a network such as the Internet or a local area network (LAN). Of course, those skilled in the art will recognize many modifications may be made to this configuration without departing from the scope or spirit of the claimed subject matter.

Moreover, the word “exemplary” is used herein to mean serving as an example, instance, or illustration. Any aspect or design described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other aspects or designs. Rather, use of the word exemplary is intended to present concepts in a concrete fashion. As used in this application, the term “or” is intended to mean an inclusive “or” rather than an exclusive “or”. That is, unless specified otherwise, or clear from context, “X employs A or B” is intended to mean any of the natural inclusive permutations. That is, if X employs A; X employs B; or X employs both A and B, then “X employs A or B” is satisfied under any of the foregoing instances. In addition, the articles “a” and “an” as used in this application and the appended claims should generally be construed to mean “one or more” unless specified otherwise or clear from context to be directed to a singular form.

As used herein, the terms to “infer” or “inference” refer generally to the process of reasoning about or inferring states of the system, environment, and/or user from a set of observations as captured via events and/or data. Inference can be employed to identify a specific context or action, or can generate a probability distribution over states, for example. The inference can be probabilistic—that is, the computation of a probability distribution over states of interest based on a consideration of data and events. Inference can also refer to techniques employed for composing higher-level events from a set of events and/or data. Such inference results in the construction of new events or actions from a set of observed events and/or stored event data, whether or not the events are correlated in close temporal proximity, and whether the events and data come from one or several event and data sources.

Referring now to the drawing, with reference initially to FIG. 1, a system 100 that can issue an optical DNA (o-DNA) signature to facilitate authentication of optical media is depicted. Generally, system 100 can include examination component 102 that can receive or identify error data 104 associated with an optical media instance (not shown). For example, due to a wide variety of factors, many of which are discussed infra in connection with FIG. 2, the manufacture of an optical media instance (e.g., a compact disc (CD) or digital versatile disc (DVD)) inevitably results in a number of manufacturing errors extant on each optical media instance. Conventional hardware suitable for reading a particular optical media instance (e.g., a CD or DVD player) is capable of detecting these manufacturing errors, but the end-user is normally unaware of the errors because the hardware or other existing playback components can perform error-correction procedures on-the-fly to reconstruct data payloads (e.g., the content stored on the optical media instance), and deliver error-free payloads despite of the presence of these manufacturing errors.

With even the most highly advanced equipment today, the manufacturing errors are difficult if not impossible to eliminate or control. Moreover, given that error-correction is a much cheaper alternative to producing error-free optical media instances, should the technology and/or precision be developed to produce an error-free optical media instance, such technology would likely be utilized to, e.g., increase the storage capacity of the optical media until it is dense enough to introduce manufacturing errors that can be cost-effectively corrected with hardware and/or software resident on future media players, just as today's media players do. Accordingly, manufacturing errors associated with optical media instances exist today and are likely to remain into the foreseeable future irrespective of technological advances. Moreover, these manufacturing errors are virtually certain to be unique from one instance to the next. Thus, a state-of-the-art manufacturing facility that produces DVDs for a popular film studio, or CDs or DVDs for a large software vendor will likely see a different set of manufacturing errors on each instance, even for those instances produced within a few moments of one another by the same manufacturing equipment.

As discussed, consumer-grade devices are capable of detecting extant manufacturing errors for a particular optical media instance, in fact the detected errors are commonly employed for an error-correction process. Such error data 104 can be received and utilized by examination component 102 in order to construct an error fingerprint associated with that particular optical media instance. Since the set of manufacturing errors for a particular optical media instance can be unique, the error fingerprint constructed by examination component 102 can likewise be unique for any given optical media instance.

In accordance with one or more aspect of the claimed subject matter, the error fingerprint can be constructed based upon a count and/or relative locations of a given set of manufacturing errors extant on that particular optical media instance. It is to be appreciated, however, that not all manufacturing errors extant on a particular optical media instance need be employed to construct the error fingerprint. Rather, the error fingerprint can be limited to only errors on certain portions of the optical media instance and/or limited only to certain types of errors, such as, e.g., errors that occur within a given distance of a sequential or adjacent error, errors that are non-deterministic, or the like, all of which is discussed in more detail, infra.

It is also to be appreciated that in some scenarios it can be beneficial to manage the size (e.g., number of bits) of the error fingerprint. Accordingly, the error fingerprint can be a fixed-length bit-string that represents all or a relevant portion of the manufacturing errors extant on an optical media instance. In addition, according to an aspect of the claimed subject matter, the error fingerprint can be compressed and/or optimized such that a substantially minimal number of bits are necessary to describe a relevant error, which is further described below.

System 100 can also include issuing component 106 that can be operatively coupled to examination component 102. Irrespective of the manner employed by examination component 102 to encode and/or represent the error fingerprint, the error fingerprint can be delivered to issuing component 106. The issuing component 106 can generate o-DNA signature 108 for the optical media instance based at least in part upon the error fingerprint.

It should be understood and appreciated that o-DNA signature 108 can include information other than the error fingerprint such as a product ID associated with content stored in the optical media instance as well as other suitable data. In addition, issuing component 106 can cryptographically sign the error fingerprint (and other message data) in a manner understood in the arts in order to generate o-DNA signature 108. One example is to employ the Bellare-Rogaway Probabilistic Signature Scheme (PSS/PSS-R) for signing the message data included in o-DNA signature 108. In accordance with one or more aspect of the claimed subject matter, o-DNA signature 108 can be signed using a private key of an issuer, such as the issuer of the optical media instance or the content stored thereon.

In addition, as will be detailed further in connection with FIG. 3, o-DNA signature 108 can be embedded in the underlying optical media instance from which the error data 104 was received. The o-DNA signature 108 can be embedded as part of a post-production process presently known in the art or later developed, or as part of a standard write such as in the case of writable/re-writable optical media. Thus, o-DNA signature 108 can serve as a mechanism that can uniquely identify and/or verify that the underlying optical media instance is authentic. For example, the multidimensional physical structure of the underlying optical media instance, and in particular the pattern of manufacturing errors, can effectively serve as a certificate of authenticity (COA), that can be verified and/or vouched for by o-DNA signature 108.

By way of illustration, a COA is typically an inexpensive physical object that has a random and unique multidimensional structure, S, which is hard to near-exactly replicate. An inexpensive device should be able to scan the object's physical “fingerprint” in order to obtain a set of features in the form of a multidimensional signal, x, that pseudo-uniquely represents S. For a given fingerprint, x, and without access to S, it should be computationally difficult to construct an object of fixed dimensions with a fingerprint, y, which is at a bounded proximity from x according to a standardized distance metric. Thus, in accordance with the features and concepts described herein, it is to be appreciated that existing optical media instances can behave as COAs.

It is to be appreciated that a COA can be employed to protect against forgery as well as other types of fraud. In accordance therewith, a COA can be a digitally signed physical object of fixed dimensions that has a random unique structure which satisfies one or more of the following requirements:

-   -   R1: The cost of creating and signing original COAs is small,         relative to a desired level of security.     -   R2: The cost of manufacturing a COA instance is several orders         of magnitude lower than the cost of exact or near-exact         replication of the unique and random physical structure of this         instance.     -   R3: The cost of verifying the authenticity of a signed COA is         small, again relative to a desired level of security. One key to         the analysis of COA instances is the extraction of its         fingerprint (e.g., a set of features that reliably represents         its multi-dimensional structure). This process is typically         based on specific physical phenomenon and produces a         cardinality-N vector of integers x∈N^(N). This can impose that:     -   R4: It should be computationally difficult to construct an         object of fixed dimensions with a fingerprint, y, such that         ∥x−y∥<δ, where x is a given fingerprint of an unknown COA         instance and δ bounds the proximity of x and y with respect to a         standardized distance metric ∥·∥.

An additional requirement, mainly impacted by a desired level of usability, is that a COA should be robust to ordinary wear and tear. In essence, COAs connect the physical and digital world into a unifying concept that can be applied to a variety of security applications, ranging from anti-skimming for credit cards to tamper-evident seals. Moreover, COA instances can be created in numerous ways. For example, when covering a surface with an epoxy substrate, its particles can form a low-rise but random 3D landscape, which uniquely reflects light directed from a certain angle. Hence, COAs can be based upon the fact that optical media, even when freshly imprinted, still has numerous errors due to the nature of the manufacturing process.

In particular, numerous types or classes of errors can exist on any given optical media instance, which is further detailed in connection with FIG. 2. However, as a brief introduction, several of these error types can now be described. Generally, only errors that are detectable by an end-user component or device need be addressed, of which several are discussed herein, yet it should be appreciated that other classes of errors can be employed in connection with error data 104, the error fingerprint, or o-DNA signature 108. Error type 1 can relate to errors that occur on each optical media instance that is imprinted using the same “negative” (discussed infra). Error type 2 can relate to errors that are unique for every optical media instance, for which detection of an error of type 2 by an associated end-user device is deterministic. In contrast, Error type 3 can relate to errors that are unique for every optical media instance, yet detection of errors of type 3 is non-deterministic, wherein the likelihood that such errors are detected is approximately 0.5 or 50%. Errors denoted herein as error type 4 can relate to errors due to wear and tear on the optical media instance.

It should be appreciated that errors of types 1-3 occur at manufacturing, while errors of type 4 typically increase throughout the life of the optical media instance. It should be further appreciated that production errors can be mimicked to some degree. For example, an adversary might stamp counterfeit discs using a negative that already has desired errors imprinted. However, the adversary cannot control the rate of additional inevitable errors (e.g., types 1-3), especially when using lower-cost manufacturing processes and/or materials. Accordingly, an expectation can arise that “counterfeit” optical media instances produced by attempting to mimic production errors of an authentic instance will have at least or approximately twice as many errors as the authentic instance, given comparable printing technologies. Moreover, when attempting this type of behavior, the adversary can typically only reproduce errors of type 2, yet errors of type 3 cannot be reliably produced by an adversary. Accordingly, o-DNA signature 108 that is constructed based upon errors of type 3 can be much more resilient to this type of adversarial attack.

Turning now to FIG. 2, exemplary optical media instance 200 is illustrated. In general, optical media instance 200 can be substantially any type of optical media including but not limited to the following formats, standards, and/or technologies: CD, CD-R, CD-RW, Laserdisc, MiniDisc, Universal Media Disc (UMD), DVD, DVD±R, DVD±RW, DVD±R DL, DVD-RAM, Blu-ray Disc (BD), BD-R, BD-RE, High Density (HD) DVD, HD DVD-R, Ultra Density Optical (UDO), and so on. While optical media instance 200 can be substantially any type of optical media format, example optical media instance 200, as well as other examples included herein, will be further detailed in the context of a standard DVD-R for the sake of brevity and clarity. Moreover, unless specified otherwise, optical media instance 200 will be described in the context of a single sided disc (e.g., DVD-5 or DVD-9) of the standard 120 mm (4.72 in.), although it is to be appreciated that double sided optical media instance 200 as well as other dimensions (e.g., 80 mm or 3.15 in.) are contemplated to be within the spirit and scope of the claimed subject matter.

Impression-based manufacturing of many types of optical media instance 200 is a well understood process with low variance of output produced within the same manufacturing facility; however, with possibly strong variance of output across different facilities—in particular for low quality manufacturing facilities. In order to provide addition context for the claimed subject matter, consider the following exemplary manufacturing process for a DVD-R disc.

DVD-R media is created using a high-speed automated replication process. Initial glass master of data to be used for disc creation is created by way of a photolithography process using a laser beam recorder to expose a photo resist coated blank glass master. For DVD-5 (e.g., single sided, single layer) a single glass master is required as data is wholly contained on one layer of the disc. For DVD-9 (e.g., single sided, dual layer), two glass masters must be created, one for each layer. The glass master is “developed” after exposure resulting in a pattern of bumps in the remaining photo resist. The glass master is typically nickel metal plated to create a “father”, or a mirror image negative of the data created by the laser beam recording process on the glass master. The father is separated from the glass master and plated with nickel again to create a “mother” positive (e.g., the same as the original glass master). Each mother is again nickel plated to create a “stamper”. The stamper is again a negative image of the original data (e.g., similar to the father) created by the laser beam glass mastering. One father can create 5 to 20 mothers, and a single mother can create up to 50 stampers. In turn, each stamper can create up to 10⁵ discs. The stampers are separated from the mother after plating, and then “punched” to correct outside diameter and correct hub hole inner diameter as required for the specific molding equipment used at the manufacturing plant.

The punched stamper is mounted inside the molding chamber of the manufacturing line. Molten polycarbonate (or some other optically clear, stable resin) is injected under pressure, heat and humidity into the mold chamber. The pattern of pits and lands on the stamper are impressed into the clear polycarbonate under up to several tons of pressure. The polycarbonate is rapidly cooled by way of chilled water flowing through the mold chamber housing, separated from the stamper and ejected from the mold chamber. This is considered a DVD half-disc, as it is one layer of the final DVD. At this stage, the disc is crystal clear and would not reflect a laser beam in a conventional DVD player.

For DVD-5 the following steps are then executed. Using a sputtering process, the ejected clear polycarbonate is plated with a layer of fully reflective material such as aluminum in order to reflect the laser beam in the DVD player. A clear half disc (no data stamped into the polycarbonate) is bonded onto the aluminum coated half disc creating a final disc 1.2 mm thick, with the data in the middle of the disc at approximately 0.6 mm from the bottom surface of the disc.

For DVD-9 the following steps are then executed. The bottom half of the disc is coated with a semi-reflective material that not only will reflect some of the laser beam in the DVD player, but will also allow the laser beam to pass through this layer. The top half disc is coated with aluminum to be fully reflective. The two half discs are bonded together such that the semi-reflective material and aluminum are facing each other at the bonding junction approximately 0.6 mm from the bottom of the disc.

In each of the steps above mechanical tolerances will be present. The degree of jitter and degree of run out in the original glass master will set a baseline for the final, finished discs as to the number of errors present. As each plating process to create the father, mothers, and stampers is executed, additional mechanical tolerances and microscopic differences will be introduced, again resulting in varying levels of intrinsic errors. Each stamper will have its own unique set of errors as a result of the tolerance of punching the stamper and mechanically mounting that stamper into a molding chamber.

Once the molding process begins sources of error are mechanical wear on the stamper. Given that a single stamper can create up to 10⁵ impressions, as each disc is stamped, the stamper wears, resulting in disc #1 of that stamper being different than disc #10⁵ from that stamper. Moreover, if the line runs fewer than 10⁵ discs and then the stamper is removed and subsequently placed back into a mold chamber, the process of dismounting the stamper, handling, storing, and reinstalling the stamper will introduce additional mechanical tolerance changes.

Moreover, each disc created by the molding process is subject to the feed temperature of the polycarbonate, the heat, humidity, and pressure in the mold chamber, the quality of the polycarbonate, and how rapidly the polycarbonate is cooled. The mechanical handling of the separation from the stamper and transfer into the remaining processes can all introduce mechanical stresses and changes that will impact the final error signature of the disc. For example, the speed at which the polycarbonate cools and how rapidly the polycarbonate is pulled from the stamper will create changes in the shapes of the pits and lands, and these changes can result in errors.

In addition, the sputtering processes to apply either the semi-reflective material or the fully reflective aluminum can also have mechanical tolerances that will impact the thickness of the reflective material as well as the amount of reflectivity across the surface of the disc. Changes in reflectivity of the disc as it is scanned by the laser in the DVD player will impact the error rate of the disc. Bonding the two half discs together introduces potential differences in the run out of the two half discs. Finally the finishing of the label on the top surface of the disc can introduce mechanical stresses that create errors. All of these sources of mechanically induced differences in the finished disc will impact the error rate of the finished disc. In accordance therewith, the example optical media instance 200 can include a number of manufacturing errors, even when brand new and freshly off the production line, some of which are labeled with reference number 202.

Referring now to FIG. 3, an exemplary system 300 that can issue an o-DNA signature and embed the o-DNA signature in an optical media instance to facilitate authentication of optical media is depicted. Generally, system 300 (as with system 100) can be included in a specialized optical media reader or player device or unit, potentially included in or operatively coupled to impression-based manufacturing equipment suitable for creating optical media instances. Moreover, system 300 and can include examination component 302 that can receive or identify error data 304 associated with an optical media instance 306. The error data 304 can be, e.g., all or a portion of the manufacturing errors associated with the optical media instance 306, such as errors 202 described in connection with FIG. 2. In one or more aspects, error data 304 can include a count of relevant errors as well as information associated with the location for each of the relevant errors. In other aspects, the count of relevant errors is not necessary, while in still other aspects only very specific error types can be utilized for error data 304. In particular, error data 304 can be comprised entirely of non-deterministic manufacturing errors, such as errors denoted herein as type 3 errors.

The examination component 302 can construct fingerprint 308 (denoted, f) based upon all or a portion of the error data 304. Hence, error data 304 can include substantially all detectable errors on optical media instance, while fingerprint 308 is generated to include only, say, non-deterministic type 3 errors. Furthermore, given that type 3 errors are by definition non-deterministic, a single read operation of optical media instance will yield only a probability of detecting an existing error. Accordingly, to distinguish between errors of type 2 and those of type 3, examination component 302 can read a region of optical media instance 306 multiple times. For example, consider the case in which examination component 302 reads the 24^(th) millimeter of optical media instance 306, say, ten times. Since the probability of detecting a type 3 error is approximately 50%, then any type 3 error in that portion of optical media instance should be detected roughly 5 times out of the 10 reads plus or minus some acceptable error range. Thus, an error detected, say, 3 through 7 times out of the 10 samples can be classified as a type 3 error. All other errors in the sampled region that occur with a different frequency can be considered as deterministic type 2 errors (e.g., false positives). Moreover, as described supra, fingerprint 308 can be compressed and/or optimized to encode all or portions of error data 304 with a minimal number of bits per error, and, in addition, the fingerprint 308 can be a fixed-length bit string to, e.g., facilitate multi-system integrity.

The examination component 302 can transmit fingerprint 308 to issuing component 310, which can issue an o-DNA signature 326 for optical media instance 306 based at least in part upon fingerprint 308. According to one aspect of the claimed subject matter, issuing component 310 can concatenate fingerprint 308 with tag data 312 (denoted, t) obtained from tag 314. Tag 314 is depicted to include a product ID associated with data included on the optical media instance 306; an expiration date (e.g., associated with a digital certificate or the like); options; and available regions (e.g., information associated with media players and/or encoding schemes for the data). However, it is to be appreciated that the depicted tag 314 is merely exemplary, and could include other suitable data. Likewise, tag 314 need not include some or all the depicted fields. Regardless, tag data 312, which can be all or a portion of the data included in tag 314 can be concatenated with fingerprint 308 to create a combined bit-string 316 (denoted w). Hence, w can be, for example, f∥t.

The combined bit-string 316 can be supplied to signature component 318, where the combined bit-string 316 can be cryptographically signed (denoted S) and/or hashed (denoted H) based upon any suitable means. According to one or more aspect of the claimed subject matter, signature component 318 can employ private key 320 associated with an issuer (described in more detail infra). Accordingly, signature component 318 can output signature 322 (denoted s) that can be substantially defined as, s=S(H(w)). The signature 322 as well as (optionally) the combined bit-string 316 can comprise the information that represents o-DNA signature 326, which can, e.g., uniquely identify optical media instance 306. In addition, signature 322 (and, potentially, the combined bit-string 316) can be supplied to impression component 324, which can embed o-DNA signature 326 in the optical media instance 306.

Since o-DNA signature 326 is virtually certain to be unique and based upon correspondingly unique physical properties associated with optical media instance 306, embedding o-DNA signature 326 in optical media instance 306 can thus facilitate verification that the optical media instance 306 is authentic. It is to be appreciated that impression component 324 can embed o-DNA signature 326 in a variety of ways. For example, with a standard DVD±RW disc, o-DNA signature 326 can be written to the disc with conventional DVD players (with write capabilities) prior to finalizing and/or completing a table of contents for the disc. As another example, with a standard DVD-R disc (that is typically not editable), o-DNA signature 326 can be embedded in the disc by employing a well-known post-production process that provides a mechanism for writing a certain number of bits to an optical media instance post-molding and/or post-bonding.

It should be appreciated that in one or more aspects of the claimed subject matter, multiple o-DNA signatures 326 can be embedded in optical media instance 306. Embedding multiple o-DNA signatures 326 can be particularly useful in the case in which only non-deterministic errors (e.g., type 3 errors) are employed in connection with o-DNA signature 326. For example, since detection of type 3 errors is non-deterministic, there is no certainty that any given type 3 error will be detected by a reader, but rather, only a probability of detection that is typically about 0.5 since type 3 errors can occur when a signal floor change is read approximately midway between allowable clock cycles. Thus, there is about a 50-50% chance as to whether a reader or decoder will select the lower or the upper of the two values and, thus, a 50% chance that an error will be registered since only one of the values can be correct and the other incorrect. These and other features are further detailed in connection with FIGS. 4A and 4B, infra.

Regardless, given the fact that media players or decoders from different manufacturers can be configured in different ways or with slight variances, the set of detectable errors (e.g., error data 104, 304) can differ among different optical media player manufacturers or brands. Hence, in one or more aspects of the claimed subject matter, examination component 302 can include or be operatively coupled to an adjustable laser beam or sensor that is employed to read optical media instance 306 when identifying error data 304. Accordingly, the laser beam can be selectively adjusted to emulate the position and/or angle for substantially any commercial reader. Appreciably, given reader variances, some readers will not detect the same errors as other readers, yet the entire range of all readers can be sampled or identified. Moreover, each group of similar readers (e.g., those that produce substantially similar error data 304) can be associated with a corresponding o-DNA signature 326, which can be packaged and signed. Thus, multiple packages can be signed and all o-DNA signatures 326 can be stored onto optical media instance 306. Accordingly, regardless of the brand of reader ultimately employed for optical media instance 306, the correct package or o-DNA signature can be selected based upon an ID associated with the reader. Although not likely to be necessary, it should be appreciated that a different o-DNA signature 326 can be utilized for each manufacturer or model of reader.

As noted supra, impression component 324 as well as other components associated with systems 100 or 300 can be included in or operatively coupled to manufacturing equipment suitable for producing or fabricating optical media instances. As discussed in connection with FIG. 2, the fabrication process can utilize negatives for creating these optical media instances. In accordance therewith, in one or more aspects of the claimed subject matter, these negatives can be employed by a manufacturer to intentionally introduce errors. In particular, non-deterministic type 3 errors can be purposefully introduced to the negative(s) to force those types of errors to be more common, at least at a certain relevant region of the negative (and therefore, by proxy, any instance produced from the negative). For example, pits or gaps can be placed or intentionally adjusted so that they will create signal floor changes that occur at half-way integer clock cycle values. Thus, when these pits or gaps and/or floor changes are read, non-deterministic type 3 errors can be detected. Appreciably, by introducing such errors, verification on the end-user side (e.g., FIG. 9 or 11) can be sped up or optimized.

FIGS. 4-7 can present additional context for the claimed subject matter and are provided to aid in the understanding of what is disclosed herein. In particular, FIGS. 4-7 relate to additional aspects, features, and/or embodiments, or generally offer more detail or clarity with respect to the claims appended hereto, and are intended to be discussed in connection with FIG. 3. For example, as introduced supra, only a portion of the inevitable errors associated with the manufacture of an optical media instance 306 need be employed to create the fingerprint 308. Accordingly, the fingerprint 308 can be constructed (e.g., by the examination component 302) based upon an error model associated with well-known and/or standard means for detecting errors in the optical media instance 306.

Turning now to FIG. 4A, a graphic illustration of an example encoding 400 of 100010010 utilizing a Non-Return to Zero, Inverted (NRZI) encoder is shown. NRZI is a method of mapping a binary signal to a physical signal for transmission over some transmission media. The immediate output of the physical readout from a DVD-R consists of an NRZI-encoded signal clocked at 26.1 MHz. The signal is high or low depending on whether there is a pit or a land on the optical disk. The NRZI encoding is such that between two ones (e.g., a floor change signal) the signal stays at the same level for a certain number of clock cycles, k, where k is an integer ∈

, where

≡{3, 4, 5, 6, 7, 8, 9, 10, 11, 14}. That is, the NRZI signal has a transition at a clock boundary if the bit being transmitted is a logical one, and does not have a transition if the bit being transmitted is a logical zero, and the number of clock cycles between two logical ones (e.g., floor changes) is valid for k.

As depicted, the first logical one changes the floor from low to high, where it remains for the next four (which is a valid k value) clock cycles, whereupon the second logical 1 signifies a change from high to low for the succeeding three clock cycles (also a valid k value), and so on. It is to be appreciated, however, that the example encoding 400 is an “ideal” representation. Conventionally, due to manufacturing inefficiencies, the distance between two signal floor changes is not always an exact multiple of the master clock cycle. Rather, the multiple can be a random variable, t, that can be represented as: t _(i) ≡k _(i)+

(0, σ_(M)), k _(i)∈,  (1) where

(0, σ_(M)), can denote a random zero-mean Gaussian variable with standard deviation equal to σ_(M). Generally, it should be appreciated that high-quality manufacturing should have relatively low σ_(M). It can be assumed that the legal publisher of protected DVDs and other optical media instances 306 will use state-of-the-art manufacturing, and therefore that it would be a considerable challenge to achieve significantly better error rates by an adversarial manufacturing process. Accordingly, an exemplary error model can be postulated as follows:

-   -   (i) The probability that a signal with ½−ε<|t_(i)−k_(i)|<½ is         incorrect, is 0.5.     -   (ii) The probability that a signal with ½−ε≧|t_(i)−k_(i)| is         incorrect, is 0.     -   (iii) The probability that a signal with ½+ε≦|t_(i)−k_(i)| is         incorrect, is 1.

The probability model is likely to be smooth over |t_(i)−k_(i)|. In accordance therewith, the model can be simplified for two reasons: (1) it can be expected that the player decision will sharply (but smoothly) change for a specific ε; and (2) all parameters need not be estimated for the model. It should be appreciated that the above-referenced line (i) can correspond to non-deterministic errors classified as error type 3, whereas line (iii) can correspond to deterministic errors discussed above as error type 2. In one or more aspects of the claimed subject matter, error data (e.g., error data 104 or 304), error fingerprint 308, or o-DNA signature 108 or 326 can be limited to a single error type, for example, errors of type 3.

Referring to FIG. 4B, an exemplary graphical representation 402 of the distribution of pulse-widths, t_(i), is presented. The representation 402 is based upon reading over the 24^(th) millimeter of a single high-quality DVD (e.g., optical media instance 302) with the installation data for a popular Integrated Development Environment (IDE). It is to be appreciated that other portions of the optical media instance 302 could be read and/or the optical media instance 302 could include other content as well without substantial changes to the representation 402. It is noteworthy to underscore that the pulse-width distributions tend to peak 404 at or near integer values (e.g., k) and tend to trough 406 mid-way between integer values. Thus, the probability that t_(i) is close to an integer value is relatively high and conversely the probability that t_(i) is half-way between two integers, is around two orders of magnitude lower. In accordance with the discussion supra it should be appreciated that errors of type 2 will tend to be detected at peaks 404 and are, thus, deterministic. On the other hand errors of type 3 will tend to occur at troughs 406, and therefore be non-deterministic only one or the other bounding integer values will be used.

FIG. 5A illustrates an exemplary graphic representation 500 of a distribution of ∥t_(i)−k_(i)|−0.5| over the 24^(th) millimeter of a high-quality DVD. For example, to estimate the error rate, the distribution of ∥t_(i)−k_(i)|−0.5| is over the same portions of the same optical media instance 302 used to plot the distribution in FIG. 4B. Such data can be obtained with a DVD player with an analog Transistor-Transistor Logic (TTL) output representing the NRZI encoded signal recorded at the output of the optical sensor in the DVD player. The TTL output was sampled at a rate of 10Gsamples/sec to produce accurate statistics about t_(i) for the optical media instance 302 under test. The graphical representation 500 illustrates that the likely error rate on the optical media instance 302, assuming an error threshold, ε∈[0.05, 0.1] and that the Pr[½+ε≦|t_(i)−k_(i)|]=0, is roughly on the order of 10³. This estimate can be employed to validate other results detailed infra.

The DVD-R standard utilizes an efficient codec for converting an alphabet, A, which consists of 16-bit symbols encoded using NRZI, into an alphabet, L, of 256 8-bit words. It should be underscored that not all 16-bit symbols belong to A. Thus, legal 16-bit symbols (e.g., those that belong to A) can be distinguished from illegal 16-bit symbols (e.g., those that do not belong to A), even though either symbol read from the optical media instance 302 can be the result of an error.

Referring now to FIG. 5B, an exemplary graphical representation 502 of the probability of an illegal symbol after an occurrence of a single-position error on a legal 16-bit symbol from A is depicted. For example, the graphical representation 502 illustrates the probability that a legal 16-bit keyword remains legal after the event of an arbitrary single position error. Since the probability of an error itself is relatively low, only the case in which a symbol from A is affected by a single error need be considered herein.

One can notice that the overall probability that a 16-bit symbol error cannot be found in the look-up table A→L, is roughly p=0.11. That means that although there exists an error on the optical disk, the likelihood that it will be detected during NRZI decoding is relatively low and equals p. However, such errors are detected accurately in higher levels of decoding.

The main synchronization primitive for low-level encoding in the DVD-R standard can be a cluster of 26 data fields. Each field can consist of a specific synchronization pattern (e.g., 32 NRZI-bits long) and a payload of 91 symbols from A (e.g., a 1456 NRZI-bits payload). The synchronization pattern can be a 32-bit synchronization symbol selected from a specific 32-symbol alphabet, S. Accordingly, the 38688-bit clusters can represent the main storage unit on an optical media instance 302 such as a DVD-R. A classification of the error types can be found in connection with FIG. 6.

Turning now to FIG. 6, an exemplary graphical representation 600 that includes an upper portion depicting a pie chart of percentages associated with each error type and a lower portion illustrating a number of shifts necessary for a re-synch is provided. The occurrence of each error type that was detected is again within the 24^(th) millimeter of a single DVD disk. In general, the error types that can occur can be summarized as follows:

-   -   (a) illegal codeword—a payload symbol is altered due to an error         and the resulting codeword cannot be found in the set of legal         words, A. An illegal codeword is labeled with reference numeral         604 and accounts for approximately one-third of the errors         detected with low-level NRZI decoding.     -   (b) codeword still in A after error—a payload symbol is altered         due to an error; the new symbol exists in A. These types of         errors are not easily detectable with low-level decoding, and         thus are not illustrated on the graphical representation 600     -   (c) shift required to correct a synchronizing symbol—errors         commonly shift the synchronization symbols with respect to their         correct position within a cluster. Typically, adjustment shifts         for one or two positions are sufficient to realign the         synchronization symbols. This error type is denoted with         reference numeral 608 and accounts for nearly two-thirds of the         detected errors.     -   (d) illegal synchronization codeword—a synchronization symbol is         altered due to an error and the new code-word is not found in         the set of legal synchronization code-words, S. This error type         is indicated by reference numeral 606 and account for fewer than         1% of the errors.     -   (e) all zeroes codeword—all bits of a symbol equal zero. Such a         symbol is not legal in either A or S. Accordingly, such a symbol         can be provided special attention because it corresponds to a         specific manufacturing error. An “all zeroes codeword” error is         represented by reference numeral 602 and accounts for about 4%         of the detected errors.

Again, since no Eight-to-Fourteen (EFM) decoding (e.g., higher level decoding) was employed, no errors of type (b) were detected. As mentioned earlier, the expectation is that the number of errors of type (b) is approximately 9 times greater than errors of type (a) (e.g., 89% versus 11%). The lower portion of the graphical representation 600 illustrates the probability that a shift of x integer positions re-synchs a synchronization codeword to its proper position once an error of type (c) (e.g., reference numeral 606) is detected. One can observe that virtually all errors of type (c) are such that a one-position shift (e.g., one position forward or one position backward) re-synchs the payload cluster.

Referring again to FIG. 3, it is to be appreciated that in addition to an error model and error classification employed, for example, for receiving the error data 304 and constructing the fingerprint 308, another noteworthy aspect of the examination component 302 can be compression of error positions of the manufacturing errors included in the error data 304. In particular, this aspect can be associated with the compression and/or optimization of the fingerprint 308, and can be more thoroughly explained in connection with FIG. 7.

While still referencing FIG. 3, but turning also to FIG. 7, an exemplary graphical representation 700 of a distribution of distances between two consecutive errors on a disc (e.g., optical media instance 302). Yet again, data is presented for the 24^(th) millimeter of a single DVD disc. Distances are measured in terms of a number of 16-bit symbols that occur between each error. In particular, the distance between two consecutive error positions, e_(i) and e_(i+1), can be denoted as d_(i). One can readily notice, and it is further highlighted by the reference circle 702 that the variable d over all collected error distances is concentrated in 1≦d≦92, and at multiples of 93 symbols, which is the length of a single cell in a cluster (e.g., a synchronization codeword followed by 91 payload codewords).

In accordance therewith, the following selection-based encoding can be adopted, whereby only errors at a distance d_(E)≡[1, 92] ∪93k are compressed, where k∈N⁺. Approximately 75% of all errors are represented by such a selection. Finally, the number of bits necessary to encode a single error position can be estimated. For example, the entropy of error distances over d_(E) can be computed from the collected results, and it can be observed that an individual error location can be compressed using 7.72 bits, on the average.

Referring now to FIG. 8, an exemplary optical media instance 800 with o-DNA is illustrated. In general, as with the optical media instances 200, 306 from FIGS. 2 and 3, respectively, the optical media instance 800 can include a set of manufacturing errors 802. The optical media instance 800 can also include an o-DNA signature 804 that can encode a pattern of a subset of the set of manufacturing errors 802 to facilitate authentication of the optical media instance 800. The o-DNA signature 804 can be cryptographically signed with a key, typically a private key, associated with an issuer.

The issuer can be, for example, an author or rights-holder of the content stored in the optical media instance 800 such as multimedia content (e.g., software applications, feature films, videos, music, or commentary to list but a few). In addition, the issuer can an authorized manufacturer of the optical media instance 800, or a third-party agent of the author, rights-holder, or manufacturer who can, e.g., employ a private key to sign the o-DNA signature 804 on behalf of the author, rights-holder, or manufacturer.

It is to be appreciated that optical media such as optical media instance 800 is the most cost-effective means for storing information today. A typical single sided DVD can achieve a mere 10⁻¹³ dollars per bit stored. As a result, optical media is indispensable for storing and purveying data. Likewise, optical media is also a primary target of fraudulent third parties such as pirates, forgers, or counterfeiters because heretofore, no good way of detecting counterfeited optical media existed. However, an advantage of including the o-DNA signature 804 is that the optical media instance 800 can be authenticated. Conversely, by including the o-DNA signature 804 on the optical media instance 800, non-authentic optical media can be detected. Moreover, the o-DNA signature 804, as described herein, can be a very low-cost mechanism for counterfeit deterrence in connection with such media that can be, further, cryptographically secure and predictably strong. The cost per optical media instance 800 of adding the o-DNA signature 804 is virtually zero for writable/rewritable optical media and negligent in most cases for optical media that is not writable.

With reference now to FIG. 9, system 900 that can verify an o-DNA signature to facilitate authentication of optical media is illustrated. Generally, the system 900 can be included in or operatively coupled to commercial optical media players or decoders such as end-user CD or DVD player devices or units. Moreover, system 900 can include a receiving component 902 that can receive information read from an optical media instance (not shown) such as, for example, the optical media instance 800 from FIG. 8. For example, the received information can be obtained from a host optical media reader and can include both error data 904 and an o-DNA signature 906. The error data 904 can relate to a count and/or respective positions of a set of manufacturing errors extant on the optical media instance. The o-DNA signature 906 can include a cryptographically signed composite bit-string comprising an error fingerprint, f, wherein the error fingerprint corresponds to manufacturing error data (e.g., error data 904) on an authentic optical media instance.

The system 900 can also include a verification component 904 operatively coupled to the receiving component 902. The verification component 904 can compare the o-DNA signature 906 to the error data 904 to, e.g., determine if the optical media instance is authentic. For example, if the o-DNA signature 906 includes a signature, s, signed with a private key of an issuer, the verification component 904 can decrypt the o-DNA signature 906 by employing a public key associated with the issuer. As described, the o-DNA signature 906 can also include the error fingerprint that is known to correspond to errors on an authentic optical media instance. If the error fingerprint is compressed, the verification component 904 can decompress the error fingerprint and compare the decompressed information with the error data 904 to determine if the subject optical media instance includes a substantially similar set of manufacturing errors.

While there are a number of potential scenarios, briefly, if the subject optical media instance (e.g., the source of the error data 904) maintains a high degree of similarity with the data included in the o-DNA signature 906 (e.g., error data from a known, authentic optical media instance), then the subject optical media instance can be deemed authentic. Otherwise, the subject optical media instance may be deemed to be counterfeit. The degree of similarity can be based upon a comparison metric, δ, that can be a predefined and statistically validated threshold. For example, δ can be defined based upon a variety of factors such as potential differences between media players/readers (e.g., the reader employed to construct the o-DNA signature 906 versus the reader that obtains the error data 904 for comparison, or based upon different brands of commercial readers and so forth), wear and tear or other degrading effects on the optical media, or the like. Moreover, when the o-DNA signature 906 is constructed based upon type 3 errors, then error data 904 can be obtained in a commensurate fashion. For instance, if o-DNA signature 906 encodes the deterministic type 3 errors of the 24^(th) millimeter of the optical media instance, then error data 904 can relate to multiple (e.g., 10) reads of that portion of the optical media instance.

In accordance therewith, it is readily apparent that the o-DNA signature 906 can be employed to facilitate counterfeit deterrence. For example, in the realm of software distribution, users are commonly given an optical media instance with a copy of protected software. The software could be Original Equipment Manufacturer (OEM) pre-installed on a computer as well. In either case, the user will likely believe that the copy is authentic but may desire to authenticate it. Additionally, during installation the software itself could ask the user to put the authentic optical media instance with an o-DNA signature 906 into a DVD player (or other device) that can host the verification component 904 as well as the system 900. The system 900 could respond to such according to the following four cases:

-   -   True positive—in which case the user can be assured that the         copy is authentic. This data could be used to replace or         complement existing product IDs.     -   True negative—the user can be notified (described infra in         connection with FIG. 11) that the o-DNA is invalid. In this         case, the issuer and/or copyright owner could provide incentives         to users to report the results of this test, which can be         performed in an automated fashion such that, e.g., the user need         only agree to submit the information. It is to be appreciated         that in most cases the likelihood that the copy is counterfeit         should be very certain for this diagnosis.     -   False positive—this case means that a counterfeit copy has just         passed the authentication test. An objective of the o-DNA         signature 906 as well as other aspects described herein can be         to mitigate false positives. Thus, the probability of a false         positive should be small under versus an adversarial attack with         bounded funding.     -   False negative—this case means that an authentic copy has been         rendered as counterfeit. Here, the user might report this result         to the issuer or copyright owner, including the identification         of the software seller. While this might reflect detrimentally         on the software seller, the overall ecosystem should be able to         tolerate a relatively high likelihood of false negatives because         copyright owners can choose to react only if they receive         uncharacteristically high ratio of false negatives from a         specific seller.

Similarly, the o-DNA signature 906 could be used by individual users who create recordable optical media or, as another example, by entertainment studios. In the first case, the user can produce DVDs (or other optical media instances) that can be authenticated to a recording device. In the second case, specific CD or DVD players (or other devices) could verify the authenticity of the optical media content, and can provide the user with a mechanism for reporting the results of the authentication test to the entertainment studios or other parties.

It is to be appreciated that conventional consumer-grade media players can read the low-level error data (e.g., error data 904), however, often this data is merely used for internal procedures such as error checking. Accordingly, if an existing player, while certain to be able to read error data 904, is not configured to store and/or transmit the error data 904 (e.g., to the receiving component 902), then a modification can be made to provide this functionality. For example, a minor modification to the Basic Input-Output System (BIOS) can facilitate such a feature. Moreover, based upon the aspects described herein, players manufactured in the future can be readily configured to persist the low-level error data 904.

Moreover, it should also be appreciated and understood that since some manufacturing errors can manifest as signals with pulse-widths far from integer clock values. While these errors tend to be less likely (see e.g., reference numeral 406 from FIG. 4B), there exists the potential that these types of errors will be read differently during distinct DVD read-outs. For example, assume a pulse-width, d_(i)=3.501 clock cycles. A DVD player could read this pulse-width as 2 or 3 zeroes in different read-outs. Clearly only one of the values is correct, whereas the other one is erroneous. Since this is a probabilistic effort, while both issuing and verifying the errors of the o-DNA, the player can to read the same track several times in order to detect “all errors.” It can be reasonably reliable to assume that reading the desired set of tracks from the optical media instance, say, 10 times should be sufficient to detect most errors in that region.

In accordance with an aspect of the claimed subject matter, the verification component 904 can verify the authenticity of an optical media instance based upon the following acts:

-   -   I. Verifying that the in-field disc is the same as the one that         was issued—here errors from the o-DNA signature 906 can be         extracted and the verification component 904 can establish that         |E_(M)∩E_(T)|>α|E_(M)|, where E_(M) can represent a set of         errors signed during o-DNA issuing, E_(T) can be a set of errors         extracted in-field, operator |·| can return the cardinality of         an argument set, and α can be a real positive scalar less than         but close to 1.     -   II. Verifying that E_(T) does not have too many errors—although         unlikely, it may be possible for a counterfeiter can imprint         E_(M) during an adversarial effort and thus create a match in I.         supra. However, the adversary cannot control the manufacturing         process to the extent to prevent additional expected         manufacturing errors. Therefore, the expectation is that the         adversary will have approximately |E_(M)| additional errors on         the counterfeited disc. Thus, the verification component 904 can         check whether |E_(M)|<|E_(M)| (1+β), where β can be a real         positive scalar less than but relatively close to 1 (e.g.,         β=0.8).

Based upon the provided detector description, one can compute the probabilities of false positives and false negatives for a given α and β. Assuming that there is no adversarial attack, the probability of a false positive is practically equal to zero even for relatively small |E_(M)|.

In many scenarios, one of the important features of a successful COA system is robustness to wear and tear. In the case of the o-DNA signature 906, the demand for robustness can, e.g., affect test II. For example, scratches and other surface scuffs can cause additional errors but rarely affect existing errors on the disc.

It can be important that the cardinality of the set of additional errors due to wear and tear, E_(S), is not greater than β|E_(M)|—in the opposite case, the verification component 904 would report false negatives. As presented earlier, false negatives generally do not represent a significant threat to the ecosystem as the counter-piracy activity can be dependent upon an aggregation of responses from a particular vendor. Even so, it is still possible to observe the increase in |E_(S)| as optical discs get scratched, which is detailed in connection with FIG. 10.

FIG. 10 provides an exemplary table that illustrates error scanning results obtained from reading errors from four different optical media instances with three different types of contents. For example, the contents of Disk 1 was an IDE suite; for Disk 2, an operating system; and for Disk 3, a business suite. Each of the disks was scratched three times: first, only slightly—this level resembles normal use of DVDs discs with software on them; second, somewhat strongly—this level resembles heavy usage of software or music and video DVDs; and third, severely so that the data could not be read from the tests disks. The results indicate that normal heavy usage rarely doubles the number of errors on a disk. Hence, proving efficient the assumption about the verification step II. It is to be understood that the solution to this issue is strictly technological, as several scratch resistant materials are available that could greatly improve robustness to wear and tear for o-DNA-based.

When implementing o-DNA-based optical media distribution systems, system designers can chose |E_(M)| by reading errors from a desired part of the optical media. Here |E_(M)| can be balanced by the following properties: one would want large |E_(M)| because of improved security, reliability, and error rates. In contrast, one would want relatively small |E_(M)| for a smaller footprint of the o-DNA signature on the optical media instance and shorter error read-time both during issuing and verification. At an error rate of 0.014%, an error read-out at 24 mm during even a single revolution of a DVD, is sufficient to produce |E_(M)|>100. The resulting o-DNA signature stored back onto the DVD would be about 850-bits long. Since the disk encounters 24 revolutions per second at 1× playback speed, one can observe that significantly larger E_(M) sets could be easily considered in realistic systems of conventional functionality.

Turning now to FIG. 11, an exemplary system 1100 that can facilitate and provide notifications is illustrated. Generally, the system 1100 (as with system 900) can be embedded in or hosted by a commercial optical media reader and can include a receiving component 1102 that can receive information 1104 from an optical media instance 1106 with an o-DNA signature 1108. The information 1104 can include, e.g., error data associated with manufacturing errors of the optical media instance 1106 as well as the o-DNA signature 1108. The system can also include a verification component 1110 that can compare the error data with the o-DNA signature 1108 to determine whether the optical media instance is authentic as substantially described supra in connection with FIG. 9.

In addition, the system 1110 can include a notification component 1112 that can transmit a notification 1114. The notification component 1112 can transmit a different notification 1114 depending upon a context. For example, as detailed supra in relation to FIG. 3, the o-DNA signature can include a tag. Thus, in accordance with an aspect of the claimed subject matter, the notification 1114 can include information associated with the tag and the notification component 1112 can transmit such information to, e.g., a display such as a monitor or a television coupled to an optical media player.

In accordance with another aspect, the notification 1114 can relate to a determination by the verification component 1110 that the optical media instance 1106 is not authentic. For example, as described in connection with FIG. 9, when an optical media instance is deemed to be a counterfeit (e.g., true negative scenario or false negative scenarios), then an issuer and/or rights-holder can be notified. In accordance therewith, the notification component 1112 can transmit relevant data (e.g., notification 1114) to the rights-holder. In addition, the notification component 1112 can also, e.g., as a prerequisite generate a display informing a user that the optical media instance 1106 is not authentic along with a request for permission to transmit the information to the issuer and/or rights-holder.

With reference now to FIGS. 12A and 12B, systems 1200 and 1210, respectively, that can facilitate authentication of optical media are depicted. System 1200 displays an examination component 1202 that receives error data 1204 and constructs an error fingerprint 1206 in a manner substantially similar to that described with reference to FIGS. 1 and 3. System 1210 illustrates a verification component 1212 that can receive information 1214 such as an o-DNA signature and error data from an optical media instance in a manner substantially similar to the description accompanying FIG. 9. Both systems 1200 and 1210 can include an intelligence component 1208. Typically, the intelligence component 1208 can aid in various determinations or inferences. For example, the intelligence component 1208 can interact with the examination component 1202 to, e.g., assist in optimization/compression of the error fingerprint 1206. Likewise, the intelligence component 1208 can interface with the verification component 1212 to, e.g., aid in resolving non-integer pulse-width readouts.

However, it is to be appreciated that the aforementioned functions are merely exemplary, and the intelligence component 1208 can perform a variety of other suitable function, all of which deemed to be applicable to the claimed subject matter. In particular, the intelligence component 1208 can examine the entirety or a subset of the data available and can provide for reasoning about or infer states of the system, environment, and/or user from a set of observations as captured via events and/or data. Inferences can be employed to identify a specific context or action, or can generate a probability distribution over states, for example. The inference can be probabilistic—that is, the computation of a probability distribution over states of interest based on a consideration of data and events. Inference can also refer to techniques employed for composing higher-level events from a set of events and/or data.

Such inference can result in the construction of new events or actions from a set of observed events and/or stored event data, whether or not the events are correlated in close temporal proximity, and whether the events and data come from one or several event and data sources. Various classification (explicitly and/or implicitly trained) schemes and/or systems (e.g., support vector machines, neural networks, expert systems, Bayesian belief networks, fuzzy logic, data fusion engines . . . ) can be employed in connection with performing automatic and/or inferred action in connection with the claimed subject matter.

A classifier can be a function that maps an input attribute vector, x=(x1, x2, x3, x4, xn), to a confidence that the input belongs to a class, that is, f(x)=confidence(class). Such classification can employ a probabilistic and/or statistical-based analysis (e.g., factoring into the analysis utilities and costs) to prognose or infer an action that a user desires to be automatically performed. A support vector machine (SVM) is an example of a classifier that can be employed. The SVM operates by finding a hypersurface in the space of possible inputs, where the hypersurface attempts to split the triggering criteria from the non-triggering events. Intuitively, this makes the classification correct for testing data that is near, but not identical to training data. Other directed and undirected model classification approaches include, e.g., naïve Bayes, Bayesian networks, decision trees, neural networks, fuzzy logic models, and probabilistic classification models providing different patterns of independence can be employed. Classification as used herein also is inclusive of statistical regression that is utilized to develop models of priority.

What has been described above includes examples of the various embodiments. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the embodiments, but one of ordinary skill in the art may recognize that many further combinations and permutations are possible. Accordingly, the detailed description is intended to embrace all such alterations, modifications, and variations that fall within the spirit and scope of the appended claims.

In particular and in regard to the various functions performed by the above described components, devices, circuits, systems and the like, the terms (including a reference to a “means”) used to describe such components are intended to correspond, unless otherwise indicated, to any component which performs the specified function of the described component (e.g., a functional equivalent), even though not structurally equivalent to the disclosed structure, which performs the function in the herein illustrated exemplary aspects of the embodiments. In this regard, it will also be recognized that the embodiments includes a system as well as a computer-readable medium having computer-executable instructions for performing the acts and/or events of the various methods.

In addition, while a particular feature may have been disclosed with respect to only one of several implementations, such feature may be combined with one or more other features of the other implementations as may be desired and advantageous for any given or particular application. Furthermore, to the extent that the terms “includes,” and “including” and variants thereof are used in either the detailed description or the claims, these terms are intended to be inclusive in a manner similar to the term “comprising.” 

What is claimed is:
 1. A system that facilitates authentication of an optical media instance, the system comprising: a receiving component that obtains information read from the optical media instance, the information comprising (1) a set of signatures associated with the optical media instance, and (2) non-deterministic error data associated with the optical media instance; a verification component that: selects an appropriate signature from the set of signatures based upon an identifier associated with a host optical media reader, and verifies authenticity of the optical media instance by comparing the appropriate signature to the non-deterministic error data; and a processor that executes the receiving component and the verification component.
 2. The system of claim 1, wherein the verification component employs a public key to decrypt the appropriate signature, the public key relating to an issuer associated with the host optical media reader.
 3. The system of claim 1, further comprising a notification component executed by the processor, wherein the notification component transmits a notification that the optical media instance is not authentic when an error fingerprint of the appropriate signature does not match the non-deterministic error data.
 4. The system of claim 1, wherein: the appropriate signature identifies encoded positions of individual non-deterministic errors, and the non-deterministic error data identifies in-field error positions that are extracted by the host optical media reader from the optical media instance.
 5. The system of claim 4, wherein the verification component compares the encoded positions to the in-field error positions to determine whether the optical media instance is authentic.
 6. The system of claim 1, embodied in the host optical media reader.
 7. A method implemented by a computing device for authentication of an optical media instance, the method comprising performing acts by the computing device, the acts comprising: obtaining information read from the optical media instance, the information comprising (1) a set of signatures associated with the optical media instance and (2) non-deterministic error data associated with the optical media instance; selecting an appropriate signature from the set of signatures based upon an identifier associated with a host optical media reader; and verifying authenticity of the optical media instance by comparing the appropriate signature to the non-deterministic error data.
 8. The method of claim 7, wherein the comparing comprises determining whether an error fingerprint of the appropriate signature matches the non-deterministic error data.
 9. The method of claim 8, the acts further comprising: when the error fingerprint does not match the non-deterministic error data, providing a notification that the optical media instance is not authentic.
 10. The method of claim 9, wherein the comparing comprises comparing a first set of errors identified by the error fingerprint and a second set of errors identified in-field on the optical media instance by the host optical media reader.
 11. The method of claim 7, the acts further comprising: causing the host optical media reader to read a specific portion of the optical media instance multiple times, and detecting non-deterministic errors in the specific portion to obtain the non-deterministic error data.
 12. The method of claim 11, wherein detecting the non-deterministic errors comprises classifying individual errors on the optical media instance as deterministic or non-deterministic based on numbers of times that the individual errors are detected over the multiple times that the specific portion is read.
 13. A processor-readable memory device or storage device storing instructions which, when executed by a processor, cause the processor to perform acts comprising: obtaining information read from an optical media instance, the information comprising (1) a set of signatures associated with the optical media instance and (2) non-deterministic error data associated with the optical media instance; selecting an appropriate signature from the set of signatures based upon an identifier associated with an optical media player; and verifying authenticity of the optical media instance by comparing the appropriate signature to the non-deterministic error data.
 14. The processor-readable memory device or storage device of claim 13, wherein the appropriate signature comprises a fingerprint identifying non-deterministic errors and a cryptographic signature applied to the fingerprint.
 15. The processor-readable memory device or storage device of claim 14, wherein the fingerprint comprises compressed error positions of the non-deterministic errors and the acts further comprise decompressing the compressed error positions to obtain uncompressed error positions used for the comparing.
 16. The processor-readable memory device or storage device of claim 14, wherein the acts further comprise decrypting the cryptographic signature to verify that the cryptographic signature originated from a valid entity.
 17. The processor-readable memory device or storage device of claim 13, wherein the identifier is associated with a model of the optical media player and the set of signatures includes individual signatures for other models of optical media players.
 18. The processor-readable memory device or storage device of claim 13, wherein the identifier is associated with a manufacturer of the optical media player and the set of signatures includes individual signatures for other manufacturers of optical media players.
 19. The processor-readable memory device or storage device of claim 13, wherein the optical media instance is a compact disc or a digital versatile disc.
 20. The processor-readable memory device or storage device of claim 13, embodied in the optical media player, the optical media player comprising the processor. 